The Active Administrator installation guide lists the user privilege requirements for the Active Administrator Agent, but the permissions listed do not appear to be enough:
Active Administrator Agent can run under a domain user account provided it is either a local administrator account, which gives it the rights to log on as a service, log on locally and manage auditing and security log, or these privileges can be granted individually. This user or service account should also be a member of the AA_Admin group.
Issue: When the audit agent is restarted, it stops writing to the database if it is not a member of the Enterprise Admin group or built in Administrators.
Create a domain user account within Active Directory Users and Computers.
Using (GPMC) Group Policy Management console, edit the Default Domain Controller (GPO) Group Policy Object.
Give the account “User Rights” to Manage auditing and Security log.
On the target domain controllers, give this user account rights to read the following registry key:
Verify the user account has at least "Write" access to the folder c:\Windows\SLAgent.
Note: This will need to be done after the agent has been installed.
© ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center